Consider Yourself Forewarned
“Malicious cyber activity” is on the rise, said Christopher C. Krebs, Director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, who recently cautioned American industries and government agencies about the growing potential for Iranian cyber attacks.
The United States launched an online attack against Iran on June 22 in direct response to the shooting down of an unmanned U.S. drone, which followed mine attacks against two oil tankers.
Maturing Cyber Military Capabilities
The U.S. cyberattack, which had been planned for several weeks, targeted multiple Iranian intelligence computer systems that controlled Iran’s rocket and missile launchers, according to reports in the New York Times and the Wall Street Journal.
The attacks specifically targeted Iran’s Islamic Revolutionary Guard Corps computer system, reported the Military Times, and demonstrated increasingly mature cyber-military capabilities by the U.S. Cyber Command.
The effect on Iranian intelligence systems will likely be temporary since networks taken offline can usually be restored with enough time and effort.
There are concerns Iran may attempt to retaliate with a cyberattack of its own. “Multiple cybersecurity firms said they had already seen signs Tehran is targeting relevant computer networks for intrusion and appeared particularly focused on the U.S. government and the American energy sector, including oil and gas providers,” reported the Journal.
The National Security Agency said that “there have been serious issues with malicious Iranian cyber actions in the past,” although it would not comment on specific Iranian cyber actions in its statement to the AP.
New U.S. Rules for Cyberattacks
The U.S. attacks are evidently the first reported exercise, in an operation that didn’t involve election security, of new powers granted to U.S. Cyber Command by the president and Congress last year that more easily allow disruptive cyber operations against other countries.
During the 2018 midterm elections, U.S. Cyber Command jammed servers belonging to the Internet Research Agency, a Russian troll farm, in a classified operation called Synthetic Theology.
Potential for Lasting Damage
In addition to taking systems offline, cyberattacks by foreign hackers have the potential to cause lasting damage to large enterprises.
Besides stealing data and money, cyberattacks can delete data or take down entire networks. “What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network,” warned Mr. Krebs.
The Growing Threat by Governments
Recent cyberattacks provide evidence of what CNN Money calls “a frightening trend: governments are hacking private companies. Chinese hacker spies have stolen business plans from U.S. power plants. Russian hackers have broken into American and European oil and gas companies. And most recently, leaked documents show American and British spies hacked a phone SIM card maker in the Netherlands.”
Private companies and civilian organizations simply don’t have the resources to handle such an attack. A predatory government can spend billions of dollars to create a virtual army of hackers. Most for-profit companies only have a small cybersecurity team (if that).
Over the last ten years, Iranians have strengthened their cyber abilities to strike back while hardening and disconnecting much of their infrastructure from the internet after the Stuxnet worm attack (attributed to the U.S. and Israel) disabled centrifuge systems in 2010.
In retrospect, Iranian intrusions into U.S. banks in 2012 and 2013 now look like practice runs. In 2014, Iran breached the Las Vegas Sands Corp., the world’s largest gaming company. Described as a “destructive cyberattack” by then-CIA Director James Clapper, the casino attack was equivalent to North Korea’s hack of Sony, reported CNN Money.
More recently, suspected Iranian hackers “targeted U.S. government agencies, as well as sectors of the economy, including finance, oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity,” reported the Military Times.
Clearly, such intrusions illustrate the growing need for government and civilian organizations, including utilities, hospitals, banks, and large enterprises, to implement strong cybersecurity measures to protect critical data and systems.
Talk to your Cask advisor about your particular cybersecurity needs and concerns. Our assessment team can provide the expertise and security clearances necessary to set up cyber survivability plans and protect your organization against attack.